Volume 4 Number 1 (Jan. 2009)
Home > Archive > 2009 > Volume 4 Number 1 (Jan. 2009) >
JCP 2009 Vol.4(1): 3-10 ISSN: 1796-203X
doi: 10.4304/jcp.4.1.3-10

Collecting Sensitive Information from Windows Physical Memory

Qian Zhao1, Tianjie Cao2
1School of Computer, China University of Mining and Technology Sanhuannanlu, Xuzhou, Jiangsu, 221116, China
2National Mobile Communications Research Laboratory, Southeast University Sipailou No.2, Nanjing, Jiangsu, 210096, China


Abstract—When investigators are faced with a target system, they want to find sensitive information such as userID and password. Unfortunately, sensitive information can not be found on the hard drive in most cases. Consequently, sensitive information needs to be gathered from physical memory. In our research, we have found lots of sensitive information from physical memory by different techniques. Besides userID and password, we also have found QQ-chat logs that never have been referred in other papers.

Index Terms—Memory forensics, sensitive information, live system.

[PDF]

Cite: Qian Zhao, Tianjie Cao, "Collecting Sensitive Information from Windows Physical Memory," Journal of Computers vol. 4, no. 1, pp. 3-10, 2009.

General Information

ISSN: 1796-203X
Abbreviated Title: J.Comput.
Frequency: Monthly
Editor-in-Chief: Prof. Liansheng Tan
Executive Editor: Ms. Nina Lee
Abstracting/ Indexing: DBLP, EBSCO,  ProQuest, INSPEC, ULRICH's Periodicals Directory, WorldCat, CNKI,etc
E-mail: jcp@iap.org
  • Aug 16, 2019 News!

    Vol 14, No 8 has been published with online version   [Click]

  • Jul 19, 2019 News!

    Vol 14, No 7 has been published with online version   [Click]

  • Jun 21, 2019 News!

    Vol 14, No 6 has been published with online version   [Click]

  • Apr 28, 2019 News!

    Vol 14, No 5 has been published with online version 7 papers are published in this issue after peer review   [Click]

  • Mar 20, 2019 News!

    Vol 14, No 3 has been published with online version   [Click]

  • Read more>>